METHOD FOR PROTECTING AGAINST THE UNAUTHORIZED USE
OF SOFTWARE IN A COMPUTER NETWORK ENVIRONMENT

BACKGROUND OF THE INVENTION

1. FIELD OF THE INVENTION

The present invention relates to a method for protecting against
the unauthorized use of a software application in a computer network
environment.

2. ART BACKGROUND

A computer network is typically an interconnection of machines or
agents over links or cables. The open access characteristics of a computer
network present opportunities for the unauthorized copying of software, thus
eroding the licensing revenue potential of software developers. Traditionally,
either the entire network must be licensed (commonly referred to as a site
license), or each node where the software is run must be licensed (commonly
referred to as a node license). A node refers to a single machine, agent or
system in a computer network. A license is an authorization given by a
software developer to a customer to use a software application in a specific
manner.

A site license lets all users at a designated location or network
use the software application, regardless of their position on the network. This
flat-fee approach is an overkill for a low usage software application. A node
license not only ties a software application to a particular machine in a
network, but also is not cost effective for the infrequent use of a software
application. See, for example, U.S. Patent No. 4,688,169. Furthermore, if new
users of licensed nodes wish to use the software application, they are often
required to purchase additional licenses.

An alternative to a site license or a node license is the concept of
a concurrent usage license. A concurrent usage license restricts the number
of users allowed to use a software application at any given time, regardless of
their location on the network. Just as renters check out available copies of a
movie video from a video rental store, users on a network check out a software
application from an agent on a first-come-first-serve basis. Thus, a concurrent
usage license charges a fee for the use of a software application proportional
to its actual use.

Methods to license a software application for concurrent use in a
network environment are currently offered by Highland Software, Inc. and
Apollo Computer, Inc. See M. Olson and P. Levine, "Concurrent Access
Licensing", Unix Review, September 1988, Vol. 6, No. 9. In general, the
license for a software application is stored in a database controlled by a
license server. A license server is a program that not only stores the license,
but also verifies the user's credentials before checking out the license to the
authenticated user. To protect against the authorized use, these methods to
license concurrent usage rely on secured communications such as
public/private key encryption. Under public/private key encryption, each user
of the system has two keys, one of which is generally known to the public, and
the other which is private. The private transformation using the private key is
related to the public one using the public key but the private key cannot be
computationally determined from the public key. See Denning, D.,
Cryptography and Data Security, Addison-Wesley, 1982. The encryption key
is hidden in the license server to encrypt the database of licenses. Well
designed public/private key encryption schemes are difficult to crack,
especially if the license server is located in a trusted environment. A trusted
environment is one whose access is limited to users having the proper
credentials. However, a license server is more likely to be located at a
customer's site and hence in a hostile environment. It follows that the license
server is vulnerable to sophisticated intruders. Once the private key is
decrypted, all sensitive information on the license server such as licenses are
compromised.



It is therefore an object of the present invention to provide a more secure
method to protect against the unauthorized use of software in a concurrent use
licensing environment.



SUMMARY OF THE INVENTION

The present invention provides to the software application the
verification and license check out functions which are normally performed by a
license server. The preferred embodiment of the present invention comprises a
computer network including a plurality of agents running at least one license
server and at least one software application. The license server controls a
database of an agent containing the license information for the software
application. The license information is contained in a license token, and is
stored in the database controlled by the license server. The license token is a
special bit pattern or packet which is encrypted by the software vendor of the
application software. The software application communicates with the license
server through a licensing library. The licensing library is a collection of library
routines that the software application invokes to request or renew a license
from the license server. Before a software application obtains a license, the
license token must be decoded by a license access module. The license
access module, which is linked with the software application and the licensing
library, is a program that decodes the license token from a vendor specific
format to a licensing library format.

When a user wishes to run a software application, the licensing library
invokes a call to request a license token from the license server. In contrast to
the prior art where the license server either grants or denies the request after
verifying the user's credentials, the license server in the preferred embodiment
of the present invention finds the correct license token for the software
application and transmits the license token to the licensing library. The license
access module attached to the licensing library decodes the licensing token.
Routines in the licensing library coupled to the software application verify the
license information before checking out the license and updating the license
token. The license access module encodes the updated license token before
returning it to the license server.

Because the verification and check out function of a license token are
performed by a software application, the software application rather than the
license server becomes the point of attack by unauthorized users. Reverse
engineering the license access module is less rewarding than attacking the
license server because the license access module reveals the contents of a
fraction of a database of licenses. By the time most attackers crack the license
access module, the software vendors would most likely introduce newer
versions of the software application and new license access modules for them.
Thus the present invention provides a more secure method for protecting
against the unauthorized use of a software application in a computer network
environment without modifying the underlying computer network.

BRIEF DESCRIPTION OF THE DRAWINGS

Figure 1 illustrates a network environment employing the present
invention.

Figure 2 describes the architecture of a network licensing scheme
employing the preferred embodiment of the present invention.

Figure 3 describes the installation of a license token in the preferred
embodiment of the present invention.

Figure 4a illustrates the use of a license token to request a license from
a license server in the preferred embodiment of the present invention.

Figure 4b illustrates the use of a license token to renew a license from
a license server in the preferred embodiment of the present invention.

Figure 4c illustrates the use of a license token to release a license from
a license server in the preferred embodiment of the present invention.
NOTATION AND NOMENCLATURE

The detailed description that follows is presented largely in terms of
algorithms and symbolic representations of operations on data bits and data
structures within a computer memory. These algorithmic descriptions and
representations are the means used by those skilled in the data processing arts
to most effectively convey the substance of their work to others skilled in the
art.

An algorithm is here, and generally, conceived to be a self-consistent
sequence of steps leading to a desired result. These steps are those requiring
physical manipulation of physical quantities. Usually, though not necessarily,
these quantities take the form of electrical or magnetic signals capable of being
stored, transferred, combined, compared, and otherwise manipulated. It proves
convenient at times, principally for reasons of common usage, to refer to these
signals as bit patterns, values, elements, symbols, characters, data packages,
or the like. It should be borne in mind, however, that all of these and similar
terms are to be associated with the appropriate physical quantities and are
merely convenient labels applied to these quantities.

Further, the manipulations performed are often referred to in terms, such
as adding or comparing, that are commonly associated with mental operations
performed by a human operator. No such capability of a human operator is
necessary, or desirable in most cases, in any of the operations described
herein that form part of the present invention; the operations are machine
operations. Useful machines for performing the operations of the present
invention include general purpose digital computers or other similar devices. In
all cases there should be borne in mind the distinction between the method of
operations in operating a computer and the method of computation itself. The
present invention relates to method steps for operating a computer in
processing electrical or other (e.g. mechanical, chemical) physical signals to
generate other desired physical signals.

The present invention also relates to an apparatus for performing these
operations. This apparatus may be specially constructed for the required
purposes, or it may comprise a general purpose computer as selectively
activated or reconfigured by a computer program stored in the computer. The
algorithms presented herein are not inherently related to any particular
computer or other apparatus. In particular, various general purpose machines
may be used with programs written in accordance with the teachings herein, or
it may prove more convenient to construct a more specialized apparatus to
perform the required method steps. The required structure for a variety of these
machines will appear from the description given below.

DETAILED DESCRIPTION OF THE INVENTION

The following detailed description is divided into several sections. The
first of these sections describes a general network environment for accessing a
database of licensed software programs. Subsequent sections discuss the
details of a method for protecting against the unauthorized use of a software
application.

I. General Network Environment

Referring to Figure 1, a computer network environment comprises a
plurality of data processing devices identified generally by numerals 10
through 10ⁿ (illustrated as 10, 10' and 10ⁿ). These data processing devices
may include terminals, personal computers, workstations, minicomputers,
mainframes and even supercomputers. For the purposes of this Specification,
all data processing devices which are coupled to the present invention's
network are collectively referred to as "agents". It should be understood that
the agents may be manufactured by different vendors and may also use
different operating systems such as MS-DOS, UNIX, OS/2, MAC OS and
others. Particular examples of suitable agents include machines manufactured
by Sun Microsystems, Inc., Mountain View, Calif. Each of the agents has an
input device such as a keyboard 11, 11' and 11ⁿ or a mouse 12, 12' and
12ⁿ. As shown, agents 10 through 10ⁿ (illustrated as 10, 10' and 10ⁿ) are
interconnected for data transfer to one another by a common cable 13. It will be
appreciated by one skilled in the art that the common cable 13 may comprise
any shared media, such as coaxial cable, fiber optics, radio channel and the
like. Furthermore, the network resulting from the interconnection of the cable
13 and agents 10 through 10ⁿ (illustrated as 10, 10' and 10ⁿ) may assume a
variety of topologies, such as ring, star, bus, and may also include a collection
of smaller networks linked by gateways or bridges.

Referring again to Figure 1, there is shown a license service 14. The license
service 14 is a resource shared by every agent connected to the network. In
the preferred embodiment of the present invention, the license service 14
comprises license servers 15 through 15ᵐ (illustrated as 15, 15' and 15ᵐ)
and databases 17 through 17ᵐ (illustrated as 17, 17' and 17ᵐ), where m is
less than or equal to n. A license server is a program that runs on an agent with
a memory storage capability. Each license server 15 (illustrated as 15, 15'
and 15ᵐ) communicates with a database 17 stored in memory on the agent
over an interface 16 (illustrated as 16, 16' and 16ᵐ). As will be described in
detail below, the database 17 stores licensing information for various software
applications which are purchased and authorized to run in the computer
network environment. The license server is not limited to run on a specific
agent, but can operate on any agent including the agent on which the user is to
operate the application. Thus, any agent connected to the network may
function as a license server as well as a device on which a user may operate
application software. As will be described below, the license server does not
perform verification of licenses of application software; rather the license server
is passive and provides storing, locking, logging, and crash recovering
function for the application software.

Figure 2 illustrates the architecture of a network licensing scheme of
the present invention. The architecture comprises a database 18, database
interface 19, license server 20, licensing library 24, license access module
27, license administration tool 21, license service binder 29, and license
production tool 34.

The database 18 stores licensing information and application usage
data. Preferably the database 18 comprises a plurality of records which
contain the following information:

Database Element                  Description

Unique Key Table                  Keys for all other tables
Vendor Table                      Vendor's ID and name
Product Table                     Product number and name
Version Table                     Version number and date
License Table                     License #, exp date, total units
License Token Table               Stores encoded license token
Unit Group Table                  A group's allocation of license
Group List Table                  Name of the group
Allowed Users Table               Credentials of allowed users
Current License Use Table         Applications using a license
Lock Table                        Locked records in database
Authorized Administrator Table    Login names of administrators
License Operation Log Table       Administrator's log information
License Usage Log Table           Request handle plus Client Log
License Queue Log Table           License wait queue
Application Message Log Table     Application specific messages



A database interface 19 provides communication between the license
server 20 and the database 18 in order to prevent concurrent access to the
same database record by multiple users which can cause the data in the
record to become corrupted. Thus, only the owner of the lock can read from
and write to the locked record during the usage of the application.

The license server 20 operates on an agent and interfaces the database
18 to license administration tool 21, licensing library 24 and license service
binder 29. The license server 20 communicates with the license
administration tool 21, licensing library 24 and license service binder 29 via
an interface 23. Preferably the interface 23 is a remote procedure call
mechanism which permits a process operating on one device or agent
connected to the network to request a resource or service from a remote device
or agent connected to the network. See A. Birrell and B. Nelson, "Implementing
Remote Procedure Calls," ACM Transactions on Computer Systems, February
1984, Vol. 2, No. 1.

Multiple license servers may reside on multiple agents. Preferably the
license server 20 operates in a background mode of the agent such that its
operation is transparent to a user of that agent. More particularly, as will be
described below, the license server 20 provides the following functions: (1)
servicing the requests from the licensing library 24 for license token; (2)
maintaining a wait queue for requests to the database 18 when no licensing
units are available; (3) generating locks for exclusive access to database
18; and (4) providing access to information in the database 18.

The licensing library 24 is a set of library routines which enable the
application 26 to request licensing service from the license server 20. Upon
receiving the request for service from the licensing library 24, the license
server 20 retrieves a license token from the database 18 and transmits it to the
licensing library 24. The licensing library 24 is linked with the application 26
and communicates with the license server 20 over a path 28 with, preferably,
a remote procedure call mechanism 23. Among the major library calls in the
licensing library 24 is the application's request for a license from the license
server 20. Other important library calls include the request to renew and to
release a license. The use of the license token to accomplish the request for
the various licensing service will be described in detail below.

The license access module (LAM) 27 is prepared by the software
vendor 24 to decode the license token. Once decoded, the application 26 via
routines in the licensing library verifies the licensing information in the license
token and determines whether a license may be checked out. The LAM 27
also encodes the license token before the application returns it to the database
18 via license server 20. The license access module 27 is described in
further detail below.

The license administration tool 21 is utilized by the network administrator
to perform administrative functions relevant to the concurrent usage of a
software application. The license administration tool 21 may run on any agent
connected to the computer network. The license administration tool 21 is
primarily used to install the license token into the database 18 through the
license server 20. The functionality of the license administration tool 21
includes: (1) starting or terminating a license server; (2) accessing a database
controlled by a license server; and (3) generating and printing reports on
license usage.

The application 26 may not access the database 18 directly; rather, the
request for a license is made through the licensing library 24 to the license
server 20 over a path 28. Most network licensing schemes employ secured
communication between the licensing library 24 and the license server 20. In
contrast, the present invention uses the license access module (LAM) 27, the
license library 24 and a plurality of license tokens to protect against the
unauthorized use of software application in a computer network.

Referring once again to Figure 2, a license service binder 29 is shown
coupled to the license server 20 over a path 30. The license service binder
29 is invoked by means known in the art such as a network service program.
The license service binder 29 locates all agents that are designated as servers
on the network, and keeps track of which server is servicing which application.
The license service binder 29 contacts each server on its table of available
servers and requests a list of products it serves. Finally the license service
binder 29 writes the contents of the table of available license servers and the
list of products into a binding file 32 over a path 31. In Figure 2, the binding
file 32 is coupled to the licensing library 24 over a path 33. The application 26
queries the binding file 32 to see which license server can service its request
for a license.

A license production tool 34 is used by the software vendor to create a
license token for transmittal to the network administrator. Receiving the license
token, the network administrator installs it with the license administration tool 21
into the database 18 through license server 20.

II. License Token

Referring to Figure 3, the creation of a license token in a computer
network employing the preferred embodiment of the present invention will be
described. A computer network 38 is shown coupled with a license
administration tool 39 and a single license server 44. The license server 44
communicates with a database 45. Applications 41, 42, and 43 are shown
requesting licensing service from the license server 44. When a customer
purchases a license for an application, such as a CAD/CAM program for its
research and development department, the software vendor creates a license
token with a license production tool, and delivers the license token to the
customer's network administrator. A license token is a special bit pattern or
packet representing a license to use a software application. The network
administrator installs the license token 46 into the database of the license
server using the license administration tool 39. Unlike the token used in a
token ring which is passed from agent to agent, a license token in the preferred
embodiment of the present invention is passed only between a license server
and a licensing library for a predetermined amount of time. The predetermined
amount of time corresponds to the time the license token is checked out of the
license server. Currently, the license token is checked out to an application for
no more than ten seconds, and the license token is returned as quickly as
possible to the issuing license server. The license token 46 contains
information encrypted in the vendor's format such as vendor identification,
product and version numbers as well as the number of license units purchased
for the license token. A license unit corresponds to the license weighting for an
agent connected to the computer network. For example, powerful workstations
could require more license units to use a software application than an average
personal computer.

The software vendor produces a license token using a license
production tool 40. A path 47 illustrates how a license token 46' makes its
way to a license administration tool 39 at the customer's site. There, the
system administrator installs the license token 46' as license token 46 into the
license database 45 of the license server 44. A path 48 indicates the transfer
of the license token 46' from the license administration tool 39 to the license
server 44 and into the database 45 as license token 46. The license server
44 is now ready to entertain requests from applications 41, 42, and 43 for a
license to use the application corresponding to token 46 as well as other
applications represented in its database 45.

It should be understood that each network may have a plurality of
license servers and each license server may have in its database a plurality of
license tokens for a variety of software applications. Referring again to Figure
3, if application A 41 requests and checks out the license token 46 for less
than ten seconds, applications B and C 42, 43 would be unable to check out
the license token 46 if their requests were made during the same time
application 41 is checking out a license from the license token 46 because of
the locking mechanism provided by database interface 19. Thus, to achieve
concurrent license usage in network 38, it is preferred that the network
administrator installs more than one license server. To minimize the task of
recovering from license server crashes, it is also preferred that the system
administrator spreads the license units for any one application among a
plurality of strategically located license servers. For instance, if a network has
four license servers, the network administrator may want to allocate the twenty
license units for a particular popular application among four license tokens with
five license units for each license token. In the event one license server
crashes or the license token is checked out, the other three license servers
may provide licensing service to other applications.

Figure 4a illustrates the use of a license token to request a license.
As shown, a network 50 is provided, and coupled to Applications 52, 54
and 56 respectively. Application 56 succeeded in requesting a license token
from the license server 58 in step 59. The license token is transmitted to
application 56 in step 60. When done, Application 56 returns the license
token to the license server 58 in step 61. Aside from the license request
function performed with the license token as shown in Figure 4a, the license
token is also used in other critical stages of the licensing process. For
example, a user may wish to run an application beyond the initial allocated
time. As shown in Figure 4b, Application 68 makes a license renewal
request 71 from the license server 70 with license token 72. Similarly, in
Figure 4c the user makes a license release request 83 when the application
no longer needs the license units. As such, the user updates the license token
84 by returning the updated license token to the license server 82 in step 85.

III. License Access Module

In Figure 2, a license access module (LAM) 27 is linked with the
application 26 and the licensing library 24 to form the executable code that
software vendors ship to the customers. The license access module 27
decodes and encodes the encrypted license token as it is being passed
between the license server and the licensing library 24. Thus the level of
security of an application from unauthorized use depends heavily upon how
secure the license access module is.

Conventional network licensing schemes use public/private key
encryption to encode sensitive information. Such a scheme is effective if the
license server is in a trusted environment. However, the customer has the
same access to any agent in a network, including the license server. The
security of the licensing scheme can be compromised by a user who decrypts
the license server's private key. Once the unauthorized user determines the
server's private key, he can decrypt all sensitive information on the license
server. Should all license servers use the same key, as is frequently done,
then all the security of the applications served by all the license servers will be
compromised.

The license access module 27 first translates a license token from a
vendor specific format to a format usable by the licensing library 24. The
license access module accomplishes the translation in two modules. One
module translates or decodes a license token from a vendor specific format
to a licensing library format. The second module translates or encodes the
updated license token from the licensing library format to the vendor specific
format. The second module is invoked anytime the licensing library updates the
information in a license token.

Upon receiving the license token in the licensing library format, the
licensing library invokes routines which verify the correctness of the license by
reviewing the following license information stored in the token: (1) flag, (2)
maintenance contract date, (3) host name and domain, (4) product name, (5)
host id number, (6) license serial number, and (7) expiration date of license.
This is compared to the information maintained by the application. If the
information matches, the license is verified. After completing the verification
process, a routine in the licensing library is initiated which checks out the
license by decrementing the license units in the license token by the number of
licensing units being checked out.

The decoding and encoding routines allow software vendors to
implement their own security mechanism to protect their licenses from
unauthorized use even though they reside at the customer's site.

Below is an example of a sample application using the licensing library
and the license access module written in C language:

    #define LIC_RENEWAL_TIME (60)                      /* set renewal time for this session */
    #define EST_LIC_RENEWAL_TIME (LIC_RENEWAL_TIME * .9)

    NL_vendor_id NL_Vendor_id = 1223;                  /* set vendor # */
    NL_prod_num  NL_Prod_num = "02";                   /* set product # */
    NL_version   NL_Version = { 12/20m, "1.0" };       /* set version id # */

    status = NL_init (vendor_id, NULL, &job_id);       /* initialize license service */
    if (status != NL_NO_ERROR)                         /* accept job id if no error */
    {
        fprintf (stderr, "nl_init failed - error = %d\n",
                 status);                              /* error message if error and return */
        return;
    }
    units = 3;
    code_funcs.encode_p = nl_encode;                   /* pointer to encode function */
    code_funcs.decode_p = nl_decode;                   /* pointer to decode function */
    if (signal (SIGALRM, alarm_intr) == (void *) -1)   /* set alarm if no error */
    {
        perror ("Cannot set SIGALRM");                 /* otherwise, error message */
        return;
    }
    status = NL_request (job_id, NL_Prod_num,          /* request a license */
                         &NL_Version,
                         units, LIC_RENEWAL_TIME, NL_L2_SRCH,
                         &code_funcs, NULL,
                         &req_handle, NULL, &app_info);
    if (status != NL_NO_ERROR)                         /* no error, license checked out */
    {                                                  /* from license server */
        fprintf (stderr, "nl_request failed - error = %d\n",
                 status);                              /* otherwise, error message */
        return;
    }
    /*
     * We got a license (license request successful)
     */
    alarm (EST_LIC_RENEWAL_TIME);                      /* set alarm for license renewal time */
    /* Application Runs */                             /* runs application */
    status = NL_release (req_handle);                  /* request to release a license */
    if (status != NL_NO_ERROR)
    {
        fprintf (stderr, "nl_release failed - error = %d\n",
                 status);                              /* otherwise, error messages */
        return;
    }

    int
    alarm_intr ()
    {
        status = NL_confirm (req_handle,               /* renew licensing unit with */
                             LIC_RENEWAL_TIME, NULL);  /* licensing server */
        /*
         * Verify vendor private information
         */
        if (status != NL_NO_ERROR)
            fprintf (stderr, "nl_confirm failed - error = %d\n",
                     status);                          /* otherwise, error message */
        else
            puts ("license renewed");                  /* successful license renewal */
    }

The sample application given above is accompanied by self-
explanatory annotation to the right margin of the codes. Of particular interest
are code_func.encode_p and code_func.decode_p. Encode_p and decode_p
are pointers to the software vendor's encode and decode routines,
respectively. Taking the pointers in the code_func variable, the licensing
library can use the pointers to invoke the decoding and encoding routines in
the license access module. The three major licensing library routines, request
for a license (NL_request), release a license (NL_release) and renew a license
(NL_confirm), invoke the decoding and encoding routines. For example of a
license access module, see Appendix 1.

In implementing the license access module, the license server becomes
merely a repository for license tokens. The licensing library coupled to the
application performs the procedure of authenticating the license token prior to
granting a license and therefore access to run the application.

Because the level of security of the system is dictated by the license
access module, the software vendors are free to make the license access
module as simple or as complex as they desire. In particular, they are free to
adopt any of the encryption schemes as part of their encryption. If the
security mechanism is broken, and the encryption known to others, then the
software vendors can easily remedy the situation by releasing a new version of
the product with a new license access module.
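
The decode, verify and re-encode sequence described in the three paragraphs above, as an added C example that is not code from the patent or its Appendix 1. The token layout, status codes, XOR codec and checksum are assumptions made for illustration; the XOR routine stands in for whatever scheme a vendor places in its license access module.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical token layout and status codes (not defined on the page). */
typedef struct { unsigned prod_num, version, units, check; } token_t;
typedef struct {                       /* mirrors code_func.encode_p / decode_p */
    void (*encode_p)(unsigned char *buf, size_t n);
    void (*decode_p)(unsigned char *buf, size_t n);
} code_funcs_t;
enum { LIC_OK, LIC_BAD_TOKEN, LIC_WRONG_PRODUCT, LIC_NO_UNITS };

/* Toy vendor codec: repeating-key XOR stands in for a real cipher; not secure. */
static void vendor_xor(unsigned char *buf, size_t n) {
    static const unsigned char key[] = "constructed-demo-key";
    for (size_t i = 0; i < n; i++) buf[i] ^= key[i % (sizeof key - 1)];
}
/* Toy integrity value over the fields; a real module would use a keyed MAC. */
static unsigned token_check(const token_t *t) {
    return (t->prod_num * 31u + t->version) * 31u + t->units + 0x5eedu;
}
/* Library side: decode through the vendor pointer, verify, re-encode. */
int lib_verify_token(unsigned char *wire, size_t n, const code_funcs_t *cf,
                     unsigned app_prod, unsigned app_ver, unsigned want) {
    token_t t;
    int rc = LIC_OK;
    if (n != sizeof t || !cf || !cf->encode_p || !cf->decode_p) return LIC_BAD_TOKEN;
    cf->decode_p(wire, n);
    memcpy(&t, wire, sizeof t);
    if (t.check != token_check(&t)) rc = LIC_BAD_TOKEN;
    else if (t.prod_num != app_prod || t.version != app_ver) rc = LIC_WRONG_PRODUCT;
    else if (t.units < want) rc = LIC_NO_UNITS;
    cf->encode_p(wire, n);             /* token returns to the server encoded */
    return rc;
}
/* Builds a constructed token (product 1001, version 2, 5 units) and checks it. */
int demo(unsigned app_prod, unsigned app_ver, unsigned want, int tamper) {
    code_funcs_t cf = { vendor_xor, vendor_xor };
    token_t t = { 1001u, 2u, 5u, 0u };
    unsigned char wire[sizeof t];
    t.check = token_check(&t);
    memcpy(wire, &t, sizeof t);
    cf.encode_p(wire, sizeof wire);
    if (tamper) wire[8] ^= 0x01;       /* one bit changed in storage or transit */
    return lib_verify_token(wire, sizeof wire, &cf, app_prod, app_ver, want);
}
int main(void) {
    printf("%d %d %d %d\n", demo(1001, 2, 1, 0), demo(1001, 3, 1, 0),
           demo(1001, 2, 9, 0), demo(1001, 2, 1, 1));
    return 0;
}
```

Because the check runs inside the application's own process, its strength is bounded by the codec and integrity value behind the two pointers, which is why the text ties the system's security level to the license access module.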

While the present invention has been particularly described with
reference to Figures 1-4 as well as Appendix 1, and with emphasis on certain
language in implementing a method to protect against the unauthorized use of
software application in a computer network environment, it should be
understood that they are for illustration only and should not be taken as
limitation upon the invention. In addition, it is clear that the method of the
present invention has utility in any application run in a computer network
environment. It is contemplated that many changes and modifications may be
made, by one skilled in the art, without departing from the spirit and scope of
the invention disclosed above.
CLAIMS

1. In a computer network environment including a
plurality of software applications licensed to run on at
least one network of agents, said applications located on
said agents wherein use of the application on a particular
agent is permitted upon the grant of a license, said
license being requested by a user from said agent of said
applications, a system for protecting against the
unauthorized use of said applications comprising:

license token means for storing licensing
information of said applications;

license server means
connected to said agents for communicating with said
applications, said license server means having a database
which stores said license token means, said license server
means further retrieving said license token means from
said database upon a request for a license by said
applications, said license server means further
transmitting said license token means to said
applications;

license access means connected to said agents
for decoding and encoding said license token means from
said license server means, said license access means being
integrated with said applications, said license access
means receiving said license token means from said license
server means; and

licensing library means connected to said agents
for verifying said decoded license token means before
access to said license is granted, said licensing library
means being integrated with said applications.

2. The system as defined in claim 1, wherein each
said license token means containing licensing information
for at least one version of each said applications.

3. The system as defined in claim 1, wherein the
contents of said license token means is encrypted.

4. The system as defined in claim 1, wherein said
license token means is passed between said license server
means and said licensing library means for a predetermined
time period.

5. The license token means as defined in claim 4,
wherein during said predetermined time period, only one
said applications may check out one said license token
means.

6. The system as defined in claim 1, wherein said
license server means receives said request for a license
from said applications, said license server searches in 
said database for a license token means storing the 
license requested by said application before retrieving 
said license token means. 

7. The system as defined in claim 1, wherein said
license access means decodes the contents of said license 
token means before said licensing library means verifies 
said license token means. 

8. The system as defined in claim 1, wherein said
license access means encodes said license token means 
after said licensing library verifies said license token 
means and prior to returning said license token means to 
said license server means. 

9. The system as defined in claim 1, wherein said
licensing library verifies said license token means by
comparing the licensing information stored in said license
token means with the licensing information maintained by
said application.

10. The system as defined in claim 1, wherein said
licensing library means checks out said license of said
application in response to a positive comparison of the
license information.

11. The licensing library means as defined in claim
10, wherein said license for said application being
checked out after said licensing library verifies said
license token means.

12. In a computer network environment including a
plurality of software applications licensed to run on at
least one network of agents, said applications located on
said agents wherein use of the application on a particular
agent is permitted upon the grant of a license, said
license being requested by a user from said agent of said
applications, a system for protecting against the
unauthorized use of said applications comprising:

license token means for storing licensing
information of said applications;

license server means connected to said agents
for communicating with said applications, said license
server means having a database which stores said license
token means, said license server means further retrieving
said license token means from said database upon a request
for a license by said applications, said license server
means further transmitting said license token means to
said applications;

license access means connected to said
application and accessible from said agents for decoding
and encoding said license token means from said license
server means, said license access means being integrated
with said applications;

licensing library means connected to said
application and accessible from said agents for verifying
said decoded license token means before access to said
license is granted, said licensing library means being
integrated with said applications; and

license binding means connected to said license
server means and to said licensing library means for
constructing a binding file, said binding file informing
said licensing library means which of said license server
means may grant a license to said application.

13. The system as defined in claim 12, wherein said
licensing library means are located on the same agents as
said applications.

14. The system as defined in claim 12, wherein said
license server means are located on the same agents as said
licensing library means.

15. The system as defined in claim 12, wherein each 
said license token means contains licensing information 
for at least one version of each of said applications. 

16. The system as defined in claim 12, wherein the 
contents of said license means is encrypted. 

17. The system as defined in claim 12, wherein said
license token means is passed between said license server
means and said licensing library means for a predetermined
time period.

18. The license token means as defined in claim 17,
wherein, during said predetermined time period, only one
of said applications may check out one said license token
means.

19. The system as defined in claim 12, wherein said
license server means further transmit said license token
means to said licensing library means.

20. The system as defined in claim 12, wherein said
license access means decodes the contents of said license
token means before said licensing library means verifies
said license token means.

21. The system as defined in claim 12, wherein said
license access means encodes said license token means
after said licensing library verifies said license token
means and prior to returning said license token means to
said license server means.

22. The system as defined in claim 12, wherein said 
license binding means constructs said binding file by 
contracting each said license server means to request for 
a list of applications it serves, said binding file 
containing said list of applications available from said 
license server means. 

23. In a computer network environment including a
plurality of software applications licensed to run on at
least one network of agents, said applications located on
said agents wherein use of the application on a particular
agent is permitted upon the grant of a license, said
license being requested by a user from said agent of said
applications, a system for protecting against the
unauthorized use of said applications substantially as
hereinbefore described with reference to the accompanying
drawings.

Published 1991 at The Patent Office, State House, 66/71 High